package com.fzy.core.acegi;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class MyAuthenticationEntryPoint extends AuthenticationProcessingFilterEntryPoint {

	private String outsideLoginFormUrl;
	private String insideLoginFormUrl;
	private static final Log logger = LogFactory
			.getLog(MyAuthenticationEntryPoint.class);

	public void commence(ServletRequest request, ServletResponse response,
			AuthenticationException authException) throws IOException,
			ServletException {

		String loginFormUrl = "";
		HttpServletRequest req = (HttpServletRequest) request;

		String targetUrl = req.getRequestURI() != null ? req.getRequestURI()
				: "";
		
		loginFormUrl=targetUrl.indexOf("/site/") > -1? this.outsideLoginFormUrl: this.insideLoginFormUrl;
		
		String scheme = request.getScheme();
		String serverName = request.getServerName();
		int serverPort = getPortResolver().getServerPort(request);
		String contextPath = req.getContextPath();

		boolean inHttp = "http".equals(scheme.toLowerCase());
		boolean inHttps = "https".equals(scheme.toLowerCase());

		boolean includePort = true;

		String redirectUrl = null;
		boolean doForceHttps = false;
		Integer httpsPort = null;

		if (inHttp && (serverPort == 80)) {
			includePort = false;
		} else if (inHttps && (serverPort == 443)) {
			includePort = false;
		}

		if (getForceHttps() && inHttp) {
			httpsPort = (Integer) getPortMapper().lookupHttpsPort(new Integer(
					serverPort));

			if (httpsPort != null) {
				doForceHttps = true;
				if (httpsPort.intValue() == 443) {
					includePort = false;
				} else {
					includePort = true;
				}
			}

		}

		if (isServerSideRedirect()) {

			if (doForceHttps) {

				// before doing server side redirect, we need to do client
				// redirect to https.

				String servletPath = req.getServletPath();
				String pathInfo = req.getPathInfo();
				String query = req.getQueryString();

				redirectUrl = "https://" + serverName
						+ ((includePort) ? (":" + httpsPort) : "")
						+ contextPath + servletPath
						+ (pathInfo == null ? "" : pathInfo)
						+ (query == null ? "" : "?" + query);

			} else {

				if (logger.isDebugEnabled()) {
					logger.debug("Server side forward to: " + loginFormUrl);
				}

				RequestDispatcher dispatcher = req
						.getRequestDispatcher(loginFormUrl);

				dispatcher.forward(request, response);

				return;

			}

		} else {

			if (doForceHttps) {

				redirectUrl = "https://" + serverName
						+ ((includePort) ? (":" + httpsPort) : "")
						+ contextPath + loginFormUrl;

			} else {

				redirectUrl = scheme + "://" + serverName
						+ ((includePort) ? (":" + serverPort) : "")
						+ contextPath + loginFormUrl;

			}
		}

		if (logger.isDebugEnabled()) {
			logger.debug("Redirecting to: " + redirectUrl);
		}

		((HttpServletResponse) response)
				.sendRedirect(((HttpServletResponse) response)
						.encodeRedirectURL(redirectUrl));

	}

	public String getOutsideLoginFormUrl() {
		return outsideLoginFormUrl;
	}

	public void setOutsideLoginFormUrl(String outsideLoginFormUrl) {
		this.outsideLoginFormUrl = outsideLoginFormUrl;
	}

	public String getInsideLoginFormUrl() {
		return insideLoginFormUrl;
	}

	public void setInsideLoginFormUrl(String insideLoginFormUrl) {
		this.insideLoginFormUrl = insideLoginFormUrl;
	}
	
	
}
